New Wave of SocGholish Infections Impersonates WordPress Plugins

SocGholish malware, otherwise known as “fake browser updates”, is one of the most common types of malware infections that we see on hacked websites. This long-standing malware campaign leverages a JavaScript malware framework that has been in use since at least 2017. The malware attempts to trick unsuspecting users into downloading what is actually a Remote Access Trojan (RAT) onto their computers, which is often the first stage in a ransomware infection.

Late last week our incident response team identified a fresh wave of SocGholish (fake browser update) infections targeting WordPress websites.

Continue reading New Wave of SocGholish Infections Impersonates WordPress Plugins at Sucuri Blog.